Behind the Scenes at Jungle Disk - Terraform Basics

Recently, we have been experimenting with Terraform as a method for managing the Jungle Disk environment at a high level. While Ansible is fantastic as a configuration management tool, creating a dynamic inventory can take a fair bit of work without turning to a costly solution like Ansible Tower. Without the proper amount of time to be able to dedicate to maintaining an effective dynamic inventory, I was rather impressed with the simplicity of Terraform. Terraform is single binary that you can use to build and change hosted infrastructure by using simple human-readable config files. When run, terraform loads any files in your current directory with a .tf file extension and check a .tfstatefile to see whether the items defined in your config file(s) exist and if so, make any necessary changes to them (or create them if they don’t exist).

Installing Terraform

Given that Terraform is a single binary, there are no complex installation instructions. It can be downloaded from Terraform and can be extracted into any directory, though as a best practice I would suggest it be in a directory specifically created for Terraform given that it looks in its current directory for files to load.

Building Infrastructure with Terraform

In the directory Terraform was extracted to, any .tf file you create will be loaded when Terraform is run. You can find a very basic example of building a server in the Terraform documentation here.
For this basic (and not yet fully complete) example of how we plan to use it, we can use Terraform to create a small grouping of 6 with some minor configuration work done to ensure when a resource is spun up, it is spun up with a particular AMI on a particular instance type with particular additional details. While all of this is possible with Ansible, Terraform will remember the instances it creates and all the details about them.

Importing Existing Servers

In our case, we already have instances which match these details so while it’s great that Terraform will automatically manage and remember servers it creates itself, how do you add servers that already exist?

Syntax for importing the first signing server from our previous example would be “terraform import aws_instance.signing[0]”. While Terraform is capable of importing the server into the statefile, it is not currently possible to have Terraform automatically build a config based on the server state. What this means is once the server is imported, you will need to write your own config for your server(s). This can be dangerous if you’re not careful as running “Terraform plan” after importing a server, if you do not first build a config file for it, will cause Terraform to believe the server needs to be destroyed due to there being no config file defining its existence. While this can be dangerous, a temporary solution could be to use a restricted IAM user while building/defining your environment to prevent the risk of accidentally deleting something.